(Cat? OR feline) AND NOT dog?
Cat? W/5 behavior
(Cat? OR feline) AND traits
Cat AND charact*

This guide provides a more detailed description of the syntax that is supported along with examples.

This search box also supports the look-up of an IP.com Digital Signature (also referred to as Fingerprint); enter the 72-, 48-, or 32-character code to retrieve details of the associated file or submission.

Concept Search - What can I type?

For a concept search, you can enter phrases, sentences, or full paragraphs in English. For example, copy and paste the abstract of a patent application or paragraphs from an article.

Concept search eliminates the need for complex Boolean syntax to inform retrieval. Our Semantic Gist engine uses advanced cognitive semantic analysis to extract the meaning of data. This reduces the chances of missing valuable information, that may result from traditional keyword searching.

Providing security to EFS files when they are accessed from the memory location

Publishing Venue

The IP.com Prior Art Database

Abstract

Disclosed is a system for protecting the encrypted file system data which has been loaded into memory by rootuser in Rootguard mode Specifically when root process acceess the dump of the process which has opened an encrypted File system and mmaped to it.

Country

Undisclosed

Language

English (United States)

This text was extracted from a PDF file.

This is the abbreviated version, containing approximately
38% of the total text.

Page 01 of 9

Providing security to EFS files when they are accessed from the memory location

The traditional approach of security in area of EFS has relied on the process of encryption and decryption of the key stores in order to access the file content. Definitions on EFS has provided below.

The Encrypted Files System enables individual users on the system to encrypt their data on J2 file system through their individual key stores. A key is associated to each user. These keys are stored in cryptographically protected key store and upon successful login, the user's keys are loaded into the kernel and associated with the

processes credentials. Later on, when the process needs to open an EFS-protected file, these credentials are tested and if a key matching the file protection is found, the process is able to decrypt the file key and therefore the file content

There are two modes for managing and using key stores, Root Admin and Root Guard

1>In root Admin mode,root can reset the user's key store password, and might gain access to the user's keys within this key store. This mode provides greater system administration flexibility.

password. It is not possible for root to substitute user (with the su command) and inherit an open key store. While root can create and delete users and groups. along with their associated key stores, cannot gain access to the keys within these key stores. This mode provides a greater degree of protection against an attack from malicious root.

Problem statement:

In root guard mode, still not able to provide greater degree of protection against an attack from malicious root Which contradict our existing approach stating it provides a greater degree of

protection against an attack from malicious root."

So below scenarios has been identified which proves Problem statement mentioned below.

Assume like one process P1 is running and having the proper key store to access the EFS file ..hence has opened an EFS file through MMAP and this process has got pointer to perform read and write operation to that EFS file.

Process P2 which doesn't have the proper key store ,currently running on the system can still access the EFS file page which is currently loaded into memory by using KDB and by switching to that particular Process(P1)context ..

1>login as user with proper key store1>open EFS file and get the file descriptor2>MMAP the file using file descriptor and get the effective address. 3>Perform Read and write operation using that effective address. 4>Perform some operations as per the requirement.5> Process P2 is performing the following steps: